Our Expertise

Real expertise
is focused expertise

When asked why he robbed banks, Willy Sutton, the notorious American bank robber, replied, “Because that’s where the money is.”

Why do we focus on the areas we do?
“Because that’s where the threats are.”

Real Cybersecurity

Real Cybersecurity is…

It’s knowing what software you’re actually running, with a crucial focus on all the little pieces that make up the whole, and validating that they are what they should be.

It’s software supply chain wariness. Open source is bringing in a whole new source of risk vectors. Weaknesses in every link along the software supply chain —how software goes from a developer writing code to the end user— abound.

It’s knowing how to minimize the number of ‘attack surfaces’ as companies make greater use of network and internet-connected technologies, cloud-based services and remote third parties.

Bad actors are smart thinkers. Which is why minimizing the risk of cyber fraud, ransomware, and data theft requires different smart thinkers. Experts who know how hackers think, how they operate and their goals.

Fortifying cyberdefenses in the fast-moving world of cybersecurity is an always-on task. It requires constant oversight. It’s not a snap-your-fingers achievement.

Every company is a data company

Sussman protects your next annual report

Real Infrastructure security

Real Infrastructure security keeps the world going round

But threats are rising.

While the prevalence of OT vulnerabilities presents a challenge for all organizations, critical infrastructure is at increased risk. Disabling critical services, not even necessarily destroying them, is a powerful lever.

Real security is a powerful counter lever.

Critical infrastructure sectors we protect

– Telecom
– Mining
– Oil and Gas
– Power Plants
– Railways
– Airports
– Water Supply

Real Infrastructure security is…

But the vigilance associated with the past is not the vigilance needed for the future.

Infrastructure security is more than physical security, its cybersecurity. Our infrastructure OT and IT assessments and our bespoke designs and plans are rewriting the book on how infrastructure can and must be protected.

Our experts read an infrastructure’s vulnerabilities with a very specific literacy born of experience securing pipelines, water plants, ports, train stations, airports around the world.

We have but to recall the havoc caused by pipelines compromised by threat actors to remind ourselves that infrastructure threats are very real. And very consequential.

Real Physical security

Real Physical security takes the stairs

When we assess the health of your physical security, expect our experts to review your systems, procedures and protocols with eyes that question, uncover and envisage. And don’t be alarmed if you find us taking the stairs armed with ladders and flashlights. Because bad actors will.

Sussman protects your business’ physical security with…

– Gap analysis
– Threat assessments
– Security training
– Red teaming
– Security systems design and installation

Real Physical security is…

We must now accept that towers of commerce and public facilities offer target-rich environments for terrorists and criminals alike. Trade centers, malls, concert halls, places of worship and hotels now join mines, airports, power plants and other critical infrastructure as possible targets.

Because post-incident due diligence won’t protect a company’s reputation.

No longer optional
Businesses must now be able to to promise and deliver real security to their customers, employees, shareholders, and society. Those who don’t, do so at their peril.

A building or facility is more than its blueprint. It’s also somewhere. Real security considers local conditions.

Real KYC security

Real KYC security is security for your M&A

M&A deals succeed when trust and transparency are at the table. It’s why you really need to know the company you’re buying and the people who are leading it. Sussman KYC security is thorough but responsible, granular but always ethical. Where others scan, Sussman digs.

Real KYC due diligence is…

M&As that don’t perform as expected because of lack of KYC due diligence cause serious damage to companies and their boards of directors. The faster deals get approved based on real diligence, the faster companies can move to meet their acquisition objectives.

About 10 percent of all large mergers and acquisitions are canceled for reasons that include KYC outcomes. 

The capital markets have been enthralled by genius founders for too long, allowing them to grow without sufficient scrutiny only to be toppled when exposed to the light of day. Post M&A due diligence is not pretty. It protects no one.

Cost effective
Bribery and corruption disempower people and destroys economic growth and opportunity. KYC due diligence is money well spent.